Difference between revisions of "PKI Server ACME CLI"

From Dogtag
Jump to: navigation, search
(Created page with "= Creating ACME Subsystem = <pre> $ pki-server acme-create </pre> = Deploying ACME Subsystem = <pre> $ pki-server acme-deploy </pre> = Undeploying ACME Subsystem = <pre>...")
 
m (See Also)
(5 intermediate revisions by the same user not shown)
Line 21: Line 21:
 
<pre>
 
<pre>
 
$ pki-server acme-remove
 
$ pki-server acme-remove
 +
</pre>
 +
 +
= Displaying ACME Metadata Configuration =
 +
 +
<pre>
 +
$ pki-server acme-metadata-show
 +
  Terms of Service: https://www.dogtagpki.org/wiki/PKI_ACME_Responder
 +
  Website: https://www.dogtagpki.org/wiki/PKI_ACME_Responder
 +
  CAA Identities: dogtagpki.org
 +
  External Account Required: false
 +
</pre>
 +
 +
= Modifying ACME Metadata Configuration =
 +
 +
<pre>
 +
$ pki-server acme-metadata-mod
 +
The current value is displayed in the square brackets.
 +
To keep the current value, simply press Enter.
 +
To change the current value, enter the new value.
 +
To remove the current value, enter a blank space.
 +
 +
Enter the location of the terms of service.
 +
  Terms of Service [https://www.dogtagpki.org/wiki/PKI_ACME_Responder]:
 +
 +
Enter the location of the website.
 +
  Website [https://www.dogtagpki.org/wiki/PKI_ACME_Responder]:
 +
 +
Enter the CAA identities.
 +
  CAA Identities [dogtagpki.org]:
 +
 +
Enter true/false whether an external account is required.
 +
  External Account Required [false]:
 
</pre>
 
</pre>
  
Line 27: Line 59:
 
<pre>
 
<pre>
 
$ pki-server acme-issuer-show
 
$ pki-server acme-issuer-show
 +
  Issuer Type: pki
 +
  Server URL: https://localhost:8443
 +
  Agent Username: caadmin
 +
  Agent Password: ********
 +
  Certificate Profile: acmeServerCert
 
</pre>
 
</pre>
  
Line 33: Line 70:
 
<pre>
 
<pre>
 
$ pki-server acme-issuer-mod
 
$ pki-server acme-issuer-mod
 +
The current value is displayed in the square brackets.
 +
To keep the current value, simply press Enter.
 +
To change the current value, enter the new value.
 +
To remove the current value, enter a blank space.
 +
 +
Enter the type of the certificate issuer. Available types: pki.
 +
  Issuer Type [pki]:
 +
 +
Enter the location of the PKI server.
 +
  Server URL [https://localhost:8443]:
 +
 +
Enter the certificate nickname for client authentication.
 +
This might be the CA agent certificate.
 +
Enter blank to use basic authentication.
 +
  Client Certificate []:
 +
 +
Enter the username of the CA agent for basic authentication.
 +
Enter blank if a CA agent certificate is used for client authentication.
 +
  Agent Username [caadmin]:
 +
 +
Enter the CA agent password for basic authentication.
 +
Enter blank if the password is already stored in a separate property file
 +
or if a CA agent certificate is used for client authentication.
 +
  Agent Password [********]:
 +
 +
Enter the certificate profile for issuing ACME certificates.
 +
  Certificate Profile [acmeServerCert]:
 
</pre>
 
</pre>
  
Line 38: Line 102:
  
 
* [[PKI Server CLI]]
 
* [[PKI Server CLI]]
 +
* [[PKI ACME Responder]]
 +
* [https://github.com/dogtagpki/pki/blob/master/docs/installation/Installing_ACME_Responder.md Installing ACME Responder]
 +
* [https://github.com/dogtagpki/pki/blob/master/docs/user/Using_ACME_Responder.md Using ACME Responder]
 +
* [https://github.com/dogtagpki/pki/blob/master/docs/manuals/man8/pki-server-acme.8.md pki-server-acme(8)]

Revision as of 23:25, 21 May 2020

Creating ACME Subsystem

$ pki-server acme-create

Deploying ACME Subsystem

$ pki-server acme-deploy

Undeploying ACME Subsystem

$ pki-server acme-undeploy

Removing ACME Subsystem

$ pki-server acme-remove

Displaying ACME Metadata Configuration

$ pki-server acme-metadata-show
  Terms of Service: https://www.dogtagpki.org/wiki/PKI_ACME_Responder
  Website: https://www.dogtagpki.org/wiki/PKI_ACME_Responder
  CAA Identities: dogtagpki.org
  External Account Required: false

Modifying ACME Metadata Configuration

$ pki-server acme-metadata-mod
The current value is displayed in the square brackets.
To keep the current value, simply press Enter.
To change the current value, enter the new value.
To remove the current value, enter a blank space.

Enter the location of the terms of service.
  Terms of Service [https://www.dogtagpki.org/wiki/PKI_ACME_Responder]: 

Enter the location of the website.
  Website [https://www.dogtagpki.org/wiki/PKI_ACME_Responder]: 

Enter the CAA identities.
  CAA Identities [dogtagpki.org]: 

Enter true/false whether an external account is required.
  External Account Required [false]: 

Displaying ACME Issuer Configuration

$ pki-server acme-issuer-show
  Issuer Type: pki
  Server URL: https://localhost:8443
  Agent Username: caadmin
  Agent Password: ********
  Certificate Profile: acmeServerCert

Modifying ACME Issuer Configuration

$ pki-server acme-issuer-mod
The current value is displayed in the square brackets.
To keep the current value, simply press Enter.
To change the current value, enter the new value.
To remove the current value, enter a blank space.

Enter the type of the certificate issuer. Available types: pki.
  Issuer Type [pki]: 

Enter the location of the PKI server.
  Server URL [https://localhost:8443]: 

Enter the certificate nickname for client authentication.
This might be the CA agent certificate.
Enter blank to use basic authentication.
  Client Certificate []: 

Enter the username of the CA agent for basic authentication.
Enter blank if a CA agent certificate is used for client authentication.
  Agent Username [caadmin]: 

Enter the CA agent password for basic authentication.
Enter blank if the password is already stored in a separate property file
or if a CA agent certificate is used for client authentication.
  Agent Password [********]: 

Enter the certificate profile for issuing ACME certificates.
  Certificate Profile [acmeServerCert]: 

See Also